abeDCP

> So, from the error message alone, (and looking up what `ProcessHeaps` is), it turns out it's a pointer to a pointer to a void. So first you need to...

Is it possible that the available attributes are not defined in the ProcessHeaps object? (layer_name) >>> print(dir(process_heaps_dereference)) ['VolTemplateProxy', '_abstractmethods', 'class', 'delattr', 'dict', 'dir', 'doc', 'eq', 'format', 'ge', 'getattr', 'getattribute', 'gt',...

> You can use [`volobj.cast`](https://volatility3.readthedocs.io/en/stable/volatility3.framework.interfaces.objects.html#volatility3.framework.interfaces.objects.ObjectInterface.cast) method to changer the type of an object, so when you get to the `void` object, you can cast it to whatever type it should...

Thanks ikelos for your help and time. I'm trying to get array of heaps as you told me "heap_array = process_heaps_dereference.cast('array', count=_PEB.NumberofHeaps, subtype='_HEAP') I don't remember whether subtype will accept...

Hi ikelos, Thanks for your time. I think I have done the subtype correctly, but I am not sure if it is correct, ` peb = proc.get_peb() number_of_heaps = peb.NumberOfHeaps...

Hi Ikelos, Nothing, I am not able to find where the bug is and how I could solve it, with volatility2 I can get the Heaps (Modifying the VadInfo plugin...